NSA: Leaker Snowden copied co-worker's password

February 14, 2014 10:42:27 AM

-

WASHINGTON -- Former National Security Agency analyst Edward Snowden gained access to at least some classified documents he later disclosed by copying a password from a co-worker who has since resigned, the NSA reported to Congress. Snowden has previously said he did not steal any passwords.

The unnamed civilian employee who worked with Snowden resigned last month after the government revoked his security clearance, according to a letter that NSA legislative director Ethan L. Bauman sent this week to the House Judiciary Committee. A military employee and a private contractor also lost their access to NSA data as part of the continuing investigation, Bauman said.

Bauman's memo, dated Monday, provides some of the first details about what authorities said they have learned about how Snowden retrieved so many classified documents before passing them to news organizations. Top U.S. national security officials have acknowledged they do not know many files Snowden took before he fled the U.S. to seek refuge in Russia.

Snowden, a former NSA contract systems analyst, has denied that he stole computer passwords or tricked some co-workers into giving him their passwords. The NSA letter suggested Snowden tricked at least one co-worker and copied the employee's password without his knowledge.

The civilian NSA worker told FBI investigators last June that he allowed Snowden to use an encrypted digital key known as a Public Key Infrastructure certificate to gain access to classified information on NSANet, the agency's computer network. The system connects into many of the NSA's classified databanks. The memo said that previously Snowden had been denied access to the network.

After the co-worker entered his secure PKI password, Snowden "was able to capture the password, allowing him even greater access to classified information," Bauman told lawmakers. He said the civilian NSA employee was not aware that Snowden intended to reveal any classified information. It was not clear from the memo how much classified information Snowden had collected before using the co-worker's password.

Last month, Snowden denied either stealing or using trickery to gaining access to the NSA's network.

"I never stole any passwords, nor did I trick an army of co-workers," Snowden said during a public question and answer session on the "Free Snowden" website.

The NSA suspended the co-worker's access to secure data and in November, revoked his security clearance. The NSA informed the employee it planned to fire him and he resigned instead in January, Bauman said.

A U.S. military employee and a private contractor also lost their access to classified data, but Bauman's letter did not disclose what lapses they might have committed.

The head of U.S. spying programs, Director of National Intelligence James Clapper, told senators this week that Snowden's access to so many classified files has accelerated plans to tighten clearance procedures and monitoring on government computers.

Clapper told the Senate Armed Services Committee that the Snowden breach was a "perfect storm for him, since he was a systems administrator and a highly-skilled, technically skilled IT professional, and so he knew exactly what he was doing. And it was his job as assistant administrator to arrange across a lot of the databases. And he was pretty skilled at staying below the radar, so what he was doing wasn't visible."

Clapper acknowledged that the Hawaii NSA station where Snowden worked did not have the same level of security that exists at the agency's Fort Meade, Md., headquarters. The agency is strengthening security levels throughout its network, Clapper said, tightening daily access to its databanks and laying plans to subject its employees to random clearance and security checks.